General

  • Target

    1188-61-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    28ff9193ee44b3b9f5e2b9f21666492f

  • SHA1

    ba6933df5f6909a14fcadda0269bec342d9138b7

  • SHA256

    f47c5af6dba66142a2403e383901612382846864adda4e84a915594fb73534d1

  • SHA512

    fdd1834952b2abf12dc1eafd597c657520939b8f014e9a0518bf8dd913d77d39b2b403fce1e7bcde082dd798ebd293e500f0ad8f487a250093552e954cd45c5a

  • SSDEEP

    1536:0tPg27eK5vKPvwTjcgTwgN7z4FMF/RcikuNCSbKu/VQ6piOWBD:0tPg2KC7H7z4M0uN5bfCswB

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    mail.thanhphuong.com.vn
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    87IRKR4d

C2

https://api.telegram.org/bot6076066461:AAFcrftn4bgQApdtfr9nDQVneglOzbFaFZ4/sendMessage?chat_id=1225679122

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1188-61-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
